twhttpd Documentation
Copyright 2002 by Sam Ng
Version 1.01
Part C: Specific Configuration
Part C.1 Specific Config Options
| $listen and $forward | Syntax: IP:port Default: undefined $listen specify which IP address and port number this particular server config should be binded to. A 0.0.0.0 specify any IP address. $forward specify which IP address and port number the request should be passed to. For inbound proxy, this is should be the IP address of the internal web server. For outbond proxy, you can forward to your ISP proxy cache by specifying an IP address, or 0.0.0.0 to indicate the program to resolve the final destination IP address. |
| $forward_proxy | Syntax: enable/disable Default: disable Usually, a broswer would send this to a web server And would send belows if it connects though a proxy server GET http://www.host.com/this.html
HTTP/1.0 Although most web/proxy servers support both format, some does not. Usually $forward_proxy is used in outbound setup, and you would like to forward your request to, say, your ISP proxy server, and you should enable $forward_proxy. For most of the time, the default value works just fine. |
| $safe_url | Syntax: enable/disable Default: enable $safe_url enable URL request line parser to ensure the URL is OK and does not contains any malicious data. The following checks will be performed if $safe_url is enabled
NOTE: '#' means anchor part, but anchor part is removed before any further processing. Violation of the above rules will result in 400 BAD_REQEST.
|
| $header_check | Syntax: request/response/both/disable Default: request $check_header perform more or less the same functions as $safe_url, except it is simpler and $safe_url only checks the URL line while the $check_header checks all other header lines except URL line.
The following checks will be performed if $header_check is enable
|
| $server_version | Syntax: Any String Default: undefined $server_version define what string should return as the HTTP header field "server". This is just a simple method to fool around the hacker by sending the wrong "server" header. For example, if you are using M$soft IIS server, you can set this string to return the "server" header as something like "Netscape- Enterprise/3.6 SP2". An empty string "" means the "Server" header should not be send. Undefined will result in returning the original "Server" header. Common server version strings are listed as follows:
|
| $browser_version | Syntax: Any String Default: undefined Complement of $server_version for HTTP "User-Agent". Help to anonymoize client we browser version instead of server web server version. An empty string "" means the "User-Agent" header should not be send. Undefined will result in returning the original "User-Agent" header. Common server version strings are listed as follows:
|
| $cache | Syntax: enable/disable Default: enable Enable/disable the caching feature for this particular server config. For more info about caching, see Cache Control Details. |
| $https | Syntax: enable/disable Default: disable Enable proxy https connection. NOTE: THIS IS TYPICALLY FOR OUTBOUND PROXY ONLY. DO NOT ENABLE THIS FOR INBOUND PROXY. THIS IS NOT REQUIRED EVEN YOU WANT TO ENABLE INBOUND SSL TO YOUR INTERNAL WEB SERVER. HTTPS will only be enabled for port 443 in any case. |
| $access_log | Syntax: Any file path Default: undefined (log to syslog) The location of the access log for this particular server config. File will be created if not exist. |
| [Sam Ng Home] [twhttpd Home] |
Last Modified: 2002-02-12 |